admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-09T13:00:19.269876+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-09 13:03:48 +00:00
parent 92fc3f4539
commit 58ba740d41
4 changed files with 291 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
CVE-2025/CVE-2025-21xx/CVE-2025-2120.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-2120",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-09T11:15:35.023",
"lastModified": "2025-03-09T11:15:35.023",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been rated as problematic. This issue affects some unknown processing of the file /tmp/hostapd.conf of the component Configuration File Handler. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.4,
"baseSeverity": "LOW",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.1,
"baseSeverity": "LOW",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.7,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N",
"baseScore": 1.7,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.1,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
},
{
"lang": "en",
"value": "CWE-313"
}
]
}
],
"references": [
{
"url": "https://github.com/geo-chen/Thinkware-Dashcam",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.299033",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.299033",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.507327",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-21xx/CVE-2025-2121.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-2121",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-09T11:15:36.647",
"lastModified": "2025-03-09T11:15:36.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 5.8,
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
},
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/geo-chen/Thinkware-Dashcam",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.299034",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.299034",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.507328",
"source": "cna@vuldb.com"
}
]
}

10
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-09T11:00:19.372406+00:00
2025-03-09T13:00:19.269876+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-09T09:15:12.560000+00:00
2025-03-09T11:15:36.647000+00:00
```
### Last Data Feed Release
@ -33,15 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
284568
284570
```
### CVEs added in the last Commit
Recently added CVEs: `2`
- [CVE-2025-2118](CVE-2025/CVE-2025-21xx/CVE-2025-2118.json) (`2025-03-09T09:15:11.240`)
- [CVE-2025-2119](CVE-2025/CVE-2025-21xx/CVE-2025-2119.json) (`2025-03-09T09:15:12.560`)
- [CVE-2025-2120](CVE-2025/CVE-2025-21xx/CVE-2025-2120.json) (`2025-03-09T11:15:35.023`)
- [CVE-2025-2121](CVE-2025/CVE-2025-21xx/CVE-2025-2121.json) (`2025-03-09T11:15:36.647`)
### CVEs modified in the last Commit

6
_state.csv
View File

@ -281539,7 +281539,7 @@ CVE-2025-21176,0,0,d03f69dcb3b1e51b711d4c41d6bfccaba1562702f0aaad28329089c8f50b7
CVE-2025-21177,0,0,4f903499a658859fcb10826be90a0ea63b63f075823c3150567dddccfd65ed77,2025-02-11T22:19:45.057000
CVE-2025-21178,0,0,c7959eb5f27aa12e423969f2bfc0eb3fb196cb3a2af9c2f656ceade14ab294a1,2025-01-27T18:42:39.560000
CVE-2025-21179,0,0,56c99027ad0d41d9c697e46ad29c10aa7c65635cadb6d982db31f0458c99ddfa,2025-02-25T16:56:10.590000
CVE-2025-2118,1,1,1ac16eac1541ef81454bddc60b2e4c9422f4e5c218b8688a4337305f337d463b,2025-03-09T09:15:11.240000
CVE-2025-2118,0,0,1ac16eac1541ef81454bddc60b2e4c9422f4e5c218b8688a4337305f337d463b,2025-03-09T09:15:11.240000
CVE-2025-21181,0,0,da3a9934c4290b3b670cda21e1ec49e2e6a47888699680facdd72d5c329d6586,2025-03-04T15:15:26.497000
CVE-2025-21182,0,0,cc183a741d3d0b62fc82a334158a2ca4fdae6dba068e1b2b22a750e1789b8393,2025-02-25T16:59:25.820000
CVE-2025-21183,0,0,97c60133d935bc6f85808e271daf514b07d577c1754cf44ed14ffde224dc4835,2025-02-25T17:00:06.170000
@ -281549,17 +281549,19 @@ CVE-2025-21186,0,0,8a8ba48b87441215f1c43ede85a3e2813061bed74393786f63526fd639d8d
CVE-2025-21187,0,0,05994f278acb907e9de51acc1037aa859f6c5afa8dace166ad321c325a389481,2025-02-05T19:14:06.093000
CVE-2025-21188,0,0,b31daea4bb469ad7d6730cf1515cfeaf51d8ab46128508537630adf914f3c6d0,2025-02-28T16:02:50.353000
CVE-2025-21189,0,0,329c5c7b58ec66de4b6d9cd35e4d5fad7c108585bdc451001b100691c802e6da,2025-01-27T18:42:24.057000
CVE-2025-2119,1,1,11c1e79be3bf50aecb03d6336a71ed783eaf7a99a912f6e661ef31e34a8febe6,2025-03-09T09:15:12.560000
CVE-2025-2119,0,0,11c1e79be3bf50aecb03d6336a71ed783eaf7a99a912f6e661ef31e34a8febe6,2025-03-09T09:15:12.560000
CVE-2025-21190,0,0,8b2db67cb947998b5b47f9d8f9638f01b53bd9f51551def40a37a7298cc49d1c,2025-02-28T16:02:50.353000
CVE-2025-21193,0,0,f3dd779a9a437e46fb9f30ebcb1d8f684dbb5bb54fbad7b1b2971d455cbeaf6b,2025-01-27T18:42:17.480000
CVE-2025-21194,0,0,4cbf78ebc8712bf991c571b0aba8e62887ba280acbf4ff53a1e72f262be2e98d,2025-02-11T18:15:30.820000
CVE-2025-21198,0,0,409f66843b554eefbda1b14eaef7f0d6b61447a101bf7413282917ca002ecb4d,2025-02-28T16:02:50.353000
CVE-2025-2120,1,1,b533d65276850c88a6f68043d3c7cc2b8e635bf5331a78cad5aab688dffba10f,2025-03-09T11:15:35.023000
CVE-2025-21200,0,0,ac452cf5d8fd7ee078abc4bf9e8393b61bfd7da4b4c1364b02d5f65241a430a0,2025-02-28T16:02:50.353000
CVE-2025-21201,0,0,33cb4b63d3221b6237489bbb3ee9e268d6b471a2dc92fe795430f2b500e3c69e,2025-02-28T16:02:50.353000
CVE-2025-21202,0,0,ec4260bee4bd33c21d930aa9c88a20abd99a3045b6128e76b4237cf160037447,2025-01-27T18:41:27.647000
CVE-2025-21206,0,0,30db180b922f51f20ac3dc612188bb7e771e65f4b8b0475b70dd344d2e79140d,2025-02-28T16:02:50.353000
CVE-2025-21207,0,0,101f5aedceeec8e95c7aa4d154c4fe35b53d1787f61e5e9c69598a5be6aa3415,2025-01-27T18:41:10.137000
CVE-2025-21208,0,0,d6750a7a531b1a606c0d78d60d369b1fb895e79f9d7f1a5bd19ef4a9dbb91db7,2025-02-28T16:02:50.353000
CVE-2025-2121,1,1,5f6e6cafc8b053796282a2422f8f4ad4175988241f629294d1d4fcda459a8172,2025-03-09T11:15:36.647000
CVE-2025-21210,0,0,c84a831bc35a18a87ded790fe8b815dc0d44394e8c6c6597dc3d56e3ec20caba,2025-01-27T18:41:01.470000
CVE-2025-21211,0,0,50fa81ea05a4c3005f4b83063356d13451968ba8d4fc749bb0a7fe76cb440e94,2025-01-27T18:40:51.233000
CVE-2025-21212,0,0,c3cf3d27935b08b1f99386820b4127d20504a527c2595f60d30d4416e217289b,2025-02-28T16:02:50.353000

Can't render this file because it is too large.